MoneyAsk.AI

Privacy Policy

Last revised: 10 May 2026

1. Introduction and scope

This Privacy Policy describes how MoneyAskAI ("MoneyAskAI", "we", "us") collects, uses, stores and discloses personal data when you use our website, mobile apps (if any), and related online features (collectively, the "Services"). The Services help you explore financial products and include an AI-assisted chat experience. Unless we say otherwise, we are not your lender or regulated credit provider; we provide information, routing and referral assistance rather than standing behind every third-party offer.

Please read this Privacy Policy in full before using the Services. By accessing or using the Services, you agree to our Terms & Conditions and consent to the practices described here regarding your information.

2. What we mean by "Personal Data"

In this Privacy Policy, "Personal Data" means data relating to a living individual from which it is practicable for the identity of the individual to be ascertained, whether recorded electronically or otherwise.

3. How we collect information

We collect information about you in three broad ways:

  • Information you give us β€” for example when you create an account, complete onboarding or forms, chat with our assistant, submit application reports, redeem perks, or contact support.
  • Information collected automatically β€” technical and usage data sent by your browser or device, including through cookies and similar technologies.
  • Information from third parties β€” where permitted, partners, contractors, analytics platforms, or integrated sign-in providers may supply additional data.

4. Categories of Personal Data we may collect

Depending on the features you use, examples include (without limitation):

  • Identity and contact details β€” name, email address, telephone number, postal address (if supplied).
  • Account credentials β€” username or identifiers, and basic profile elements shared when you authenticate via a third-party platform with your explicit consent (such as display name or avatar).
  • Financial preferences β€” savings goals, risk appetite, income band, net-worth band, liquidity needs, or similar profile attributes if you choose to share them.
  • Product interests β€” categories you browse, compare, or ask our assistant about.
  • Application-related records β€” product applied for, application date, reference numbers, gift selections, and other fields needed to operate rewards or verification workflows.
  • Communications β€” support tickets, surveys, event registrations, and voluntary feedback.
  • Chat transcripts β€” messages you exchange with the AI assistant so we can respond, troubleshoot, and improve models and prompts within lawful bases.
  • Verification data β€” only where a specific workflow clearly requires it and you expressly consent, we may collect documentary details described at the point of collection (for example, to satisfy anti-fraud checks coordinated with a partner).

Unless a feature is marked mandatory or we are legally obliged to collect certain fields, providing Personal Data is voluntary. If you withhold information reasonably needed for a quote, routing link, or partner workflow, that feature may be unavailable or less accurate.

5. Automated technologies, analytics, and cookies

When you interact with the Services we may automatically log information such as:

  • Device or browser attributes β€” operating system, hardware class, language settings, screen characteristics.
  • Connection metadata β€” IP address, ISP or mobile carrier (where available), referral URLs, session timestamps, pages viewed, clicks, scroll depth, feature usage counters.
  • Diagnostics β€” error reports, latency measurements, security alerts.

Cookies and comparable technologies help us remember preferences, maintain authenticated sessions, measure audience engagement, and personalize layouts or messaging. Session cookies typically expire when you close your browser; persistent cookies remain until they expire or you delete them. You may refuse or remove cookies via browser controls, but parts of the Services (including saved preferences or certain referral tracking) may degrade.

We may engage reputable analytics or advertising partners who place their own cookies or pixels. Those vendors process data under their privacy notices as well as contractual safeguards we impose where required by law. Aggregated or pseudonymous datasets derived from automatic collection may be combined with other Personal Data we hold; where that occurs we treat the combined set as Personal Data under this Privacy Policy.

6. Integrated sign-in and partner feeds

If you register or sign in through an integrated provider (for example Google or Facebook), we may receive profile elements the provider discloses based on your authorization. Review each provider's privacy controls to understand what is shared and how to revoke access.

From time to time partners may send us campaign attribution data, eligibility hints, or aggregated statistics so we can measure conversions. We handle such feeds consistently with this Privacy Policy and any contractual restrictions communicated by the partner.

7. Accuracy and retention

You warrant that Personal Data you submit β€” including data about family members or co-applicants where relevant β€” is truthful and complete, and you will promptly notify us of material changes. Providing inaccurate information may affect eligibility checks, incentives, or partner decisions; any loss arising from incorrect submissions may remain your responsibility to the extent permitted by law.

When you supply someone else's Personal Data, you confirm you have lawful authority and, where needed, have secured their consent for our processing.

We retain Personal Data only as long as necessary for the purposes described here and to meet legal, regulatory, tax, accounting, or auditing obligations. We may retain limited records longer where disputes, investigations, or prospective litigation warrant a litigation hold.

8. How we use Personal Data

We process Personal Data for legitimate business purposes, including:

  • Creating and administering customer accounts, including multi-factor or device-verification messages.
  • Operating the AI assistant, generating contextual explanations, surfacing product matches, and improving ranking or recommendation logic.
  • Facilitating comparisons, quotations, or deep links to partner-hosted application journeys.
  • Processing incentive claims, verifying eligibility with partners, and reconciling referral fees.
  • Conducting analytics on browsing behaviour, demographic cohorts, and funnel performance to refine UX and marketing.
  • Sending operational notices β€” including security alerts and mandatory policy updates β€” which may not offer an unsubscribe pathway unless you close your account.
  • Delivering newsletters or promotional campaigns where you have opted in, and undertaking remarketing consistent with your choices and applicable law.
  • Detecting, investigating, and preventing fraud, abuse, or misuse of the Services.
  • Complying with court orders, regulator inquiries, or Hong Kong / overseas legal duties.
  • Creating anonymized or aggregated datasets that no longer identify you for benchmarking, research, or partner reporting.

Personalized outputs may involve automated processing, including machine-learning or generative components alongside human review where appropriate. Those outputs are informational only and do not discharge your obligation to verify terms, fees, and suitability directly with the issuing institution.

9. Partner products and outward journeys

When you choose to apply for a financial product hosted by a third-party partner, your Personal Data will be collected directly by that partner under its own privacy notice. The partner may contact you about underwriting, fulfilment, or servicing. We are not responsible for processing performed outside our environment once you leave our controlled flows, except as stated in this Privacy Policy or required by law.

10. Disclosure and international transfers

We may disclose Personal Data to:

  • Affiliates within our corporate group that assist with engineering, analytics, or shared infrastructure.
  • Service providers β€” cloud hosts, messaging gateways, payment processors, customer-support tooling, consultants, or auditors β€” subject to confidentiality and data-processing terms.
  • Financial institution partners when you request introductions, pre-fill forms, or fulfil promo mechanics requiring confirmation.
  • Marketing collaborators β€” advertising networks, social platforms, or data onboarders β€” limited to what is needed for audience matching where consent or legitimate interest frameworks apply.
  • Prospective purchasers or investors during a merger, acquisition, financing, or asset sale, provided successors honour compatible safeguards.
  • Government agencies, regulators, courts, or law-enforcement bodies when compelled by lawful process, or when necessary to protect rights, safety, or property.

Our servers or subprocessors may be located outside Hong Kong. Overseas jurisdictions may follow different privacy rules. Where transfers are not covered by an adequacy decision, we implement appropriate safeguards such as contractual clauses and vendor diligence.

By using the Services you acknowledge this disclosure framework unless a narrower consent is mandated for a specific processing activity.

11. Direct marketing preferences

With your consent (where required), we may send updates about offers, webinars, or product launches that relate to the Services or curated partner programmes. Marketing emails include unsubscribe mechanisms; SMS or messaging channels will describe equivalent opt-out steps.

With separate consent, we may furnish limited contact fields to partners so they can market compatible services. You may withdraw consent or object to certain processing by emailing us (see Section 15).

Account-related or security notices may continue even if you opt out of promotions. Closing your account may be the only way to stop some transactional messages tied to regulatory notices.

12. Third-party platforms

If you contract directly with a third party discovered via the Services, their privacy policy alone governs subsequent processing. Review every issuer's documentation before committing β€” we are not liable for independent decisions those entities make about your data once it leaves our systems (subject to applicable law).

13. Security measures

We apply layered administrative, technical, and physical safeguards β€” including access controls, encryption in transit where appropriate, vulnerability monitoring, and vendor assessments β€” aligned with the sensitivity of the data processed.

No online platform can promise flawless security. You transmit information at your own risk and should use trusted devices and networks. Keep passwords confidential; we are not responsible for unauthorized actions performed through a compromised credential unless negligence on our part is proven under applicable law.

14. Children

The Services are not directed to individuals under 18. If you believe a minor has shared Personal Data with us, please contact support so we can delete or anonymize the information where feasible.

15. Feedback and surveys

Unless we notify you otherwise, feedback, testimonials, or survey responses you submit may be used to improve the Services subject to this Privacy Policy and our Terms & Conditions.

16. Your rights under Hong Kong law

Under the Personal Data (Privacy) Ordinance (Cap. 486), you may request access to Personal Data we hold about you and ask for corrections where it is inaccurate. You may also withdraw marketing consent or lodge a complaint with the Privacy Commissioner for Personal Data. To exercise rights or raise queries, email contact@moneyask.ai with enough detail for us to verify your request.

17. Account deletion

Where available, you may initiate account deletion through in-product settings. We will erase or irreversibly anonymize identifiable Personal Data when retention is no longer necessary, except for archives we must keep by law or securely de-identified datasets used for analytics.

18. Changes to this Privacy Policy

We may amend this Privacy Policy to reflect operational, technical, or legal developments. The revised version will be posted with an updated "Last revised" date. Continued use after changes take effect constitutes acceptance unless we are legally required to obtain fresh consent for materially different processing.

19. Language precedence

This Privacy Policy may be published in multiple languages. If there is any inconsistency between the English version and a translation, the English version prevails to the extent permitted by law.

20. Relationship to other consents

This Privacy Policy supplements β€” and does not revoke β€” other consents you may have granted us. Nothing here limits lawful grounds we may rely upon under the PDPO or other statutes.

MoneyAsk.AI – Smart financial choices